#!/bin/bash
clear

if [[ "$EUID" -ne 0 ]]; then
    echo "Script need to be run as root!" && exit 1
fi

apt-get -qq update
apt-get -y -qq install stunnel4

openssl req -new -x509 -days 365 -nodes \
-subj '/C=DO/ST=Dropbear/L=Debian/O="Cybertize"/OU="Cybertize Stunnel"/CN=cybertize.tk' \
-out /etc/stunnel/stunnel.pem -keyout /etc/stunnel/stunnel.pem
openssl dhparam 2048 >> /etc/stunnel/stunnel.pem

# /etc/default/stunnel
echo 'ENABLED=1
FILES="/etc/stunnel/*.conf"
OPTIONS=""
PPP_RESTART=0
RLIMITS="-n 4096"' > /etc/default/stunnel4

# /etc/stunnel/stunnel.conf
echo 'pid = /var/run/stunnel4/stunnel.pid
chroot = /usr/lib/x86_64-linux-gnu/stunnel
setuid = nobody
setgid = nogroup
cert = /etc/stunnel/stunnel.pem

[dropbear service]
accept = 2021
connect = 127.0.0.1:440

[openvpn service]
accept = 2022
connect = 127.0.0.1:587' > /etc/stunnel/stunnel.conf

systemctl restart stunnel4
